FreeRDP
Loading...
Searching...
No Matches
include/winpr/sspi.h
1
20#ifndef WINPR_SSPI_H
21#define WINPR_SSPI_H
22
23#include <winpr/platform.h>
24#include <winpr/winpr.h>
25#include <winpr/cast.h>
26#include <winpr/wtypes.h>
27#include <winpr/windows.h>
28#include <winpr/security.h>
29
30#ifdef _WIN32
31
32#include <tchar.h>
33#include <winerror.h>
34
35#define SECURITY_WIN32
36#include <sspi.h>
37#include <security.h>
38
39#endif /* _WIN32 */
40
41#if !defined(_WIN32) || defined(_UWP)
42
43#ifndef SEC_ENTRY
44#define SEC_ENTRY
45#endif /* SEC_ENTRY */
46
47typedef CHAR SEC_CHAR;
48typedef WCHAR SEC_WCHAR;
49
50typedef struct
51{
52 UINT32 LowPart;
53 INT32 HighPart;
54} SECURITY_INTEGER;
55
56typedef SECURITY_INTEGER TimeStamp;
57typedef SECURITY_INTEGER* PTimeStamp;
58
59WINPR_PRAGMA_DIAG_PUSH
60WINPR_PRAGMA_DIAG_IGNORED_RESERVED_ID_MACRO
61
62#ifndef __SECSTATUS_DEFINED__
63typedef LONG SECURITY_STATUS;
64// NOLINTNEXTLINE(bugprone-reserved-identifier,cert-dcl37-c,cert-dcl51-cpp)
65#define __SECSTATUS_DEFINED__
66#endif /* __SECSTATUS_DEFINED__ */
67
68WINPR_PRAGMA_DIAG_POP
69
70typedef struct
71{
72 UINT32 fCapabilities;
73 UINT16 wVersion;
74 UINT16 wRPCID;
75 UINT32 cbMaxToken;
76 SEC_CHAR* Name;
77 SEC_CHAR* Comment;
78} SecPkgInfoA;
79typedef SecPkgInfoA* PSecPkgInfoA;
80
81typedef struct
82{
83 UINT32 fCapabilities;
84 UINT16 wVersion;
85 UINT16 wRPCID;
86 UINT32 cbMaxToken;
87 SEC_WCHAR* Name;
88 SEC_WCHAR* Comment;
89} SecPkgInfoW;
90typedef SecPkgInfoW* PSecPkgInfoW;
91
92#ifdef UNICODE
93#define SecPkgInfo SecPkgInfoW
94#define PSecPkgInfo PSecPkgInfoW
95#else
96#define SecPkgInfo SecPkgInfoA
97#define PSecPkgInfo PSecPkgInfoA
98#endif /* UNICODE */
99
100#endif /* !defined(_WIN32) || defined(_UWP) */
101
102#define NTLM_SSP_NAME _T("NTLM")
103#define KERBEROS_SSP_NAME _T("Kerberos")
104#define NEGO_SSP_NAME _T("Negotiate")
105
106#define SECPKG_ID_NONE 0xFFFF
107
108#define SECPKG_FLAG_INTEGRITY 0x00000001
109#define SECPKG_FLAG_PRIVACY 0x00000002
110#define SECPKG_FLAG_TOKEN_ONLY 0x00000004
111#define SECPKG_FLAG_DATAGRAM 0x00000008
112#define SECPKG_FLAG_CONNECTION 0x00000010
113#define SECPKG_FLAG_MULTI_REQUIRED 0x00000020
114#define SECPKG_FLAG_CLIENT_ONLY 0x00000040
115#define SECPKG_FLAG_EXTENDED_ERROR 0x00000080
116#define SECPKG_FLAG_IMPERSONATION 0x00000100
117#define SECPKG_FLAG_ACCEPT_WIN32_NAME 0x00000200
118#define SECPKG_FLAG_STREAM 0x00000400
119#define SECPKG_FLAG_NEGOTIABLE 0x00000800
120#define SECPKG_FLAG_GSS_COMPATIBLE 0x00001000
121#define SECPKG_FLAG_LOGON 0x00002000
122#define SECPKG_FLAG_ASCII_BUFFERS 0x00004000
123#define SECPKG_FLAG_FRAGMENT 0x00008000
124#define SECPKG_FLAG_MUTUAL_AUTH 0x00010000
125#define SECPKG_FLAG_DELEGATION 0x00020000
126#define SECPKG_FLAG_READONLY_WITH_CHECKSUM 0x00040000
127#define SECPKG_FLAG_RESTRICTED_TOKENS 0x00080000
128#define SECPKG_FLAG_NEGO_EXTENDER 0x00100000
129#define SECPKG_FLAG_NEGOTIABLE2 0x00200000
130
131#ifndef _WINERROR_
132
133#define SEC_E_OK WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00000000)
134#define SEC_E_INSUFFICIENT_MEMORY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090300)
135#define SEC_E_INVALID_HANDLE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090301)
136#define SEC_E_UNSUPPORTED_FUNCTION WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090302)
137#define SEC_E_TARGET_UNKNOWN WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090303)
138#define SEC_E_INTERNAL_ERROR WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090304)
139#define SEC_E_SECPKG_NOT_FOUND WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090305)
140#define SEC_E_NOT_OWNER WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090306)
141#define SEC_E_CANNOT_INSTALL WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090307)
142#define SEC_E_INVALID_TOKEN WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090308)
143#define SEC_E_CANNOT_PACK WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090309)
144#define SEC_E_QOP_NOT_SUPPORTED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030A)
145#define SEC_E_NO_IMPERSONATION WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030B)
146#define SEC_E_LOGON_DENIED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030C)
147#define SEC_E_UNKNOWN_CREDENTIALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030D)
148#define SEC_E_NO_CREDENTIALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030E)
149#define SEC_E_MESSAGE_ALTERED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009030F)
150#define SEC_E_OUT_OF_SEQUENCE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090310)
151#define SEC_E_NO_AUTHENTICATING_AUTHORITY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090311)
152#define SEC_E_BAD_PKGID WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090316)
153#define SEC_E_CONTEXT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090317)
154#define SEC_E_INCOMPLETE_MESSAGE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090318)
155#define SEC_E_INCOMPLETE_CREDENTIALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090320)
156#define SEC_E_BUFFER_TOO_SMALL WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090321)
157#define SEC_E_WRONG_PRINCIPAL WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090322)
158#define SEC_E_TIME_SKEW WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090324)
159#define SEC_E_UNTRUSTED_ROOT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090325)
160#define SEC_E_ILLEGAL_MESSAGE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090326)
161#define SEC_E_CERT_UNKNOWN WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090327)
162#define SEC_E_CERT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090328)
163#define SEC_E_ENCRYPT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090329)
164#define SEC_E_DECRYPT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090330)
165#define SEC_E_ALGORITHM_MISMATCH WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090331)
166#define SEC_E_SECURITY_QOS_FAILED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090332)
167#define SEC_E_UNFINISHED_CONTEXT_DELETED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090333)
168#define SEC_E_NO_TGT_REPLY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090334)
169#define SEC_E_NO_IP_ADDRESSES WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090335)
170#define SEC_E_WRONG_CREDENTIAL_HANDLE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090336)
171#define SEC_E_CRYPTO_SYSTEM_INVALID WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090337)
172#define SEC_E_MAX_REFERRALS_EXCEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090338)
173#define SEC_E_MUST_BE_KDC WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090339)
174#define SEC_E_STRONG_CRYPTO_NOT_SUPPORTED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033A)
175#define SEC_E_TOO_MANY_PRINCIPALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033B)
176#define SEC_E_NO_PA_DATA WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033C)
177#define SEC_E_PKINIT_NAME_MISMATCH WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033D)
178#define SEC_E_SMARTCARD_LOGON_REQUIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033E)
179#define SEC_E_SHUTDOWN_IN_PROGRESS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009033F)
180#define SEC_E_KDC_INVALID_REQUEST WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090340)
181#define SEC_E_KDC_UNABLE_TO_REFER WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090341)
182#define SEC_E_KDC_UNKNOWN_ETYPE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090342)
183#define SEC_E_UNSUPPORTED_PREAUTH WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090343)
184#define SEC_E_DELEGATION_REQUIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090345)
185#define SEC_E_BAD_BINDINGS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090346)
186#define SEC_E_MULTIPLE_ACCOUNTS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090347)
187#define SEC_E_NO_KERB_KEY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090348)
188#define SEC_E_CERT_WRONG_USAGE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090349)
189#define SEC_E_DOWNGRADE_DETECTED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090350)
190#define SEC_E_SMARTCARD_CERT_REVOKED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090351)
191#define SEC_E_ISSUING_CA_UNTRUSTED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090352)
192#define SEC_E_REVOCATION_OFFLINE_C WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090353)
193#define SEC_E_PKINIT_CLIENT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090354)
194#define SEC_E_SMARTCARD_CERT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090355)
195#define SEC_E_NO_S4U_PROT_SUPPORT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090356)
196#define SEC_E_CROSSREALM_DELEGATION_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090357)
197#define SEC_E_REVOCATION_OFFLINE_KDC WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090358)
198#define SEC_E_ISSUING_CA_UNTRUSTED_KDC WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090359)
199#define SEC_E_KDC_CERT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035A)
200#define SEC_E_KDC_CERT_REVOKED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035B)
201#define SEC_E_INVALID_PARAMETER WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035D)
202#define SEC_E_DELEGATION_POLICY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035E)
203#define SEC_E_POLICY_NLTM_ONLY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035F)
204#define SEC_E_NO_CONTEXT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090361)
205#define SEC_E_PKU2U_CERT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090362)
206#define SEC_E_MUTUAL_AUTH_FAILED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090363)
207
208#define SEC_I_CONTINUE_NEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090312)
209#define SEC_I_COMPLETE_NEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090313)
210#define SEC_I_COMPLETE_AND_CONTINUE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090314)
211#define SEC_I_LOCAL_LOGON WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090315)
212#define SEC_I_CONTEXT_EXPIRED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090317)
213#define SEC_I_INCOMPLETE_CREDENTIALS WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090320)
214#define SEC_I_RENEGOTIATE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090321)
215#define SEC_I_NO_LSA_CONTEXT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090323)
216#define SEC_I_SIGNATURE_NEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x0009035C)
217#define SEC_I_NO_RENEGOTIATION WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090360)
218
219#endif /* _WINERROR_ */
220
221/* ============== some definitions missing in mingw ========================*/
222#ifndef SEC_E_INVALID_PARAMETER
223#define SEC_E_INVALID_PARAMETER WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035D)
224#endif
225
226#ifndef SEC_E_DELEGATION_POLICY
227#define SEC_E_DELEGATION_POLICY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035E)
228#endif
229
230#ifndef SEC_E_POLICY_NLTM_ONLY
231#define SEC_E_POLICY_NLTM_ONLY WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x8009035F)
232#endif
233
234#ifndef SEC_E_NO_CONTEXT
235#define SEC_E_NO_CONTEXT WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090361)
236#endif
237
238#ifndef SEC_E_PKU2U_CERT_FAILURE
239#define SEC_E_PKU2U_CERT_FAILURE WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090362)
240#endif
241
242#ifndef SEC_E_MUTUAL_AUTH_FAILED
243#define SEC_E_MUTUAL_AUTH_FAILED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x80090363)
244#endif
245
246#ifndef SEC_I_SIGNATURE_NEEDED
247#define SEC_I_SIGNATURE_NEEDED WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x0009035C)
248#endif
249
250#ifndef SEC_I_NO_RENEGOTIATION
251#define SEC_I_NO_RENEGOTIATION WINPR_CXX_COMPAT_CAST(SECURITY_STATUS, 0x00090360)
252#endif
253
254/* ==================================================================================== */
255
256#define SECURITY_NATIVE_DREP 0x00000010
257#define SECURITY_NETWORK_DREP 0x00000000
258
259#define SECPKG_CRED_INBOUND 0x00000001
260#define SECPKG_CRED_OUTBOUND 0x00000002
261#define SECPKG_CRED_BOTH 0x00000003
262#define SECPKG_CRED_AUTOLOGON_RESTRICTED 0x00000010
263#define SECPKG_CRED_PROCESS_POLICY_ONLY 0x00000020
264
265/* Security Context Attributes */
266
267#define SECPKG_ATTR_SIZES 0
268#define SECPKG_ATTR_NAMES 1
269#define SECPKG_ATTR_LIFESPAN 2
270#define SECPKG_ATTR_DCE_INFO 3
271#define SECPKG_ATTR_STREAM_SIZES 4
272#define SECPKG_ATTR_KEY_INFO 5
273#define SECPKG_ATTR_AUTHORITY 6
274#define SECPKG_ATTR_PROTO_INFO 7
275#define SECPKG_ATTR_PASSWORD_EXPIRY 8
276#define SECPKG_ATTR_SESSION_KEY 9
277#define SECPKG_ATTR_PACKAGE_INFO 10
278#define SECPKG_ATTR_USER_FLAGS 11
279#define SECPKG_ATTR_NEGOTIATION_INFO 12
280#define SECPKG_ATTR_NATIVE_NAMES 13
281#define SECPKG_ATTR_FLAGS 14
282#define SECPKG_ATTR_USE_VALIDATED 15
283#define SECPKG_ATTR_CREDENTIAL_NAME 16
284#define SECPKG_ATTR_TARGET_INFORMATION 17
285#define SECPKG_ATTR_ACCESS_TOKEN 18
286#define SECPKG_ATTR_TARGET 19
287#define SECPKG_ATTR_AUTHENTICATION_ID 20
288#define SECPKG_ATTR_LOGOFF_TIME 21
289#define SECPKG_ATTR_NEGO_KEYS 22
290#define SECPKG_ATTR_PROMPTING_NEEDED 24
291#define SECPKG_ATTR_UNIQUE_BINDINGS 25
292#define SECPKG_ATTR_ENDPOINT_BINDINGS 26
293#define SECPKG_ATTR_CLIENT_SPECIFIED_TARGET 27
294#define SECPKG_ATTR_LAST_CLIENT_TOKEN_STATUS 30
295#define SECPKG_ATTR_NEGO_PKG_INFO 31
296#define SECPKG_ATTR_NEGO_STATUS 32
297#define SECPKG_ATTR_CONTEXT_DELETED 33
298
299#if !defined(_WIN32) || defined(_UWP)
300
301typedef struct
302{
303 void* AccessToken;
304} SecPkgContext_AccessToken;
305
306typedef struct
307{
308 UINT32 dwFlags;
309 UINT32 cbAppData;
310 BYTE* pbAppData;
311} SecPkgContext_SessionAppData;
312
313typedef struct
314{
315 char* sAuthorityName;
316} SecPkgContext_Authority;
317
318typedef struct
319{
320 char* sTargetName;
321} SecPkgContext_ClientSpecifiedTarget;
322
323typedef UINT32 ALG_ID;
324
325typedef struct
326{
327 UINT32 dwProtocol;
328 ALG_ID aiCipher;
329 UINT32 dwCipherStrength;
330 ALG_ID aiHash;
331 UINT32 dwHashStrength;
332 ALG_ID aiExch;
333 UINT32 dwExchStrength;
334} SecPkgContext_ConnectionInfo;
335
336typedef struct
337{
338 UINT32 AuthBufferLen;
339 BYTE* AuthBuffer;
340} SecPkgContext_ClientCreds;
341
342typedef struct
343{
344 UINT32 AuthzSvc;
345 void* pPac;
346} SecPkgContex_DceInfo;
347
348typedef struct
349{
350 UINT32 dwInitiatorAddrType;
351 UINT32 cbInitiatorLength;
352 UINT32 dwInitiatorOffset;
353 UINT32 dwAcceptorAddrType;
354 UINT32 cbAcceptorLength;
355 UINT32 dwAcceptorOffset;
356 UINT32 cbApplicationDataLength;
357 UINT32 dwApplicationDataOffset;
358} SEC_CHANNEL_BINDINGS;
359
360typedef struct
361{
362 BYTE rgbKeys[128];
363 BYTE rgbIVs[64];
364} SecPkgContext_EapKeyBlock;
365
366typedef struct
367{
368 UINT32 Flags;
369} SecPkgContext_Flags;
370
371typedef struct
372{
373 char* sSignatureAlgorithmName;
374 char* sEncryptAlgorithmName;
375 UINT32 KeySize;
376 UINT32 SignatureAlgorithm;
377 UINT32 EncryptAlgorithm;
378} SecPkgContext_KeyInfo;
379
380typedef struct
381{
382 TimeStamp tsStart;
383 TimeStamp tsExpiry;
384} SecPkgContext_Lifespan;
385
386typedef struct
387{
388 char* sUserName;
389} SecPkgContext_Names;
390
391typedef struct
392{
393 char* sClientName;
394 char* sServerName;
395} SecPkgContext_NativeNames;
396
397typedef struct
398{
399 SecPkgInfoA* PackageInfo;
400 UINT32 NegotiationState;
401} SecPkgContext_NegotiationInfoA;
402
403typedef struct
404{
405 SecPkgInfoW* PackageInfo;
406 UINT32 NegotiationState;
407} SecPkgContext_NegotiationInfoW;
408
409#ifdef UNICODE
410#define SecPkgContext_NegotiationInfo SecPkgContext_NegotiationInfoW
411#else
412#define SecPkgContext_NegotiationInfo SecPkgContext_NegotiationInfoA
413#endif /* UNICODE */
414
415typedef struct
416{
417 SecPkgInfoA* PackageInfo;
418} SecPkgContext_PackageInfoA;
419
420typedef struct
421{
422 SecPkgInfoW* PackageInfo;
423} SecPkgContext_PackageInfoW;
424
425#ifdef UNICODE
426#define SecPkgContext_PackageInfo SecPkgContext_PackageInfoW
427#else
428#define SecPkgContext_PackageInfo SecPkgContext_PackageInfoA
429#endif /* UNICODE */
430
431typedef struct
432{
433 TimeStamp tsPasswordExpires;
434} SecPkgContext_PasswordExpiry;
435
436typedef struct
437{
438 UINT32 SessionKeyLength;
439 BYTE* SessionKey;
440} SecPkgContext_SessionKey;
441
442typedef struct
443{
444 UINT32 dwFlags;
445 UINT32 cbSessionId;
446 BYTE rgbSessionId[32];
447} SecPkgContext_SessionInfo;
448
449typedef struct
450{
451 UINT32 cbMaxToken;
452 UINT32 cbMaxSignature;
453 UINT32 cbBlockSize;
454 UINT32 cbSecurityTrailer;
455} SecPkgContext_Sizes;
456
457typedef struct
458{
459 UINT32 cbHeader;
460 UINT32 cbTrailer;
461 UINT32 cbMaximumMessage;
462 UINT32 cBuffers;
463 UINT32 cbBlockSize;
464} SecPkgContext_StreamSizes;
465
466typedef struct
467{
468 void* AttributeInfo;
469} SecPkgContext_SubjectAttributes;
470
471typedef struct
472{
473 UINT16 cSignatureAndHashAlgorithms;
474 UINT16* pSignatureAndHashAlgorithms;
475} SecPkgContext_SupportedSignatures;
476
477typedef struct
478{
479 UINT32 MarshalledTargetInfoLength;
480 BYTE* MarshalledTargetInfo;
481} SecPkgContext_TargetInformation;
482
483/* Security Credentials Attributes */
484
485#define SECPKG_CRED_ATTR_NAMES 1
486#define SECPKG_CRED_ATTR_SSI_PROVIDER 2
487#define SECPKG_CRED_ATTR_CERT 4
488#define SECPKG_CRED_ATTR_PAC_BYPASS 5
489
490typedef struct
491{
492 SEC_CHAR* sUserName;
493} SecPkgCredentials_NamesA;
494typedef SecPkgCredentials_NamesA* PSecPkgCredentials_NamesA;
495
496typedef struct
497{
498 SEC_WCHAR* sUserName;
499} SecPkgCredentials_NamesW;
500typedef SecPkgCredentials_NamesW* PSecPkgCredentials_NamesW;
501
502#ifdef UNICODE
503#define SecPkgCredentials_Names SecPkgCredentials_NamesW
504#define PSecPkgCredentials_Names PSecPkgCredentials_NamesW
505#else
506#define SecPkgCredentials_Names SecPkgCredentials_NamesA
507#define PSecPkgCredentials_Names PSecPkgCredentials_NamesA
508#endif
509
510typedef struct
511{
512 SEC_WCHAR* sProviderName;
513 unsigned long ProviderInfoLength;
514 char* ProviderInfo;
515} SecPkgCredentials_SSIProviderW, *PSecPkgCredentials_SSIProviderW;
516
517typedef struct
518{
519 SEC_CHAR* sProviderName;
520 unsigned long ProviderInfoLength;
521 char* ProviderInfo;
522} SecPkgCredentials_SSIProviderA, *PSecPkgCredentials_SSIProviderA;
523
524#ifdef UNICODE
525#define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderW
526#define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderW
527#else
528#define SecPkgCredentials_SSIProvider SecPkgCredentials_SSIProviderA
529#define PSecPkgCredentials_SSIProvider PSecPkgCredentials_SSIProviderA
530#endif
531
532typedef struct
533{
534 unsigned long EncodedCertSize;
535 unsigned char* EncodedCert;
536} SecPkgCredentials_Cert, *PSecPkgCredentials_Cert;
537
538#endif /* !defined(_WIN32) || defined(_UWP) */
539
540#if !defined(_WIN32) || defined(_UWP) || (defined(__MINGW32__) && (__MINGW64_VERSION_MAJOR <= 8))
541
542#define SECPKG_CRED_ATTR_KDC_PROXY_SETTINGS 3
543
544#define KDC_PROXY_SETTINGS_V1 1
545#define KDC_PROXY_SETTINGS_FLAGS_FORCEPROXY 0x1
546
547typedef struct
548{
549 ULONG Version;
550 ULONG Flags;
551 USHORT ProxyServerOffset;
552 USHORT ProxyServerLength;
553 USHORT ClientTlsCredOffset;
554 USHORT ClientTlsCredLength;
555} SecPkgCredentials_KdcProxySettingsW, *PSecPkgCredentials_KdcProxySettingsW;
556
557typedef struct
558{
559 ULONG Version;
560 ULONG Flags;
561 USHORT ProxyServerOffset;
562 USHORT ProxyServerLength;
563 USHORT ClientTlsCredOffset;
564 USHORT ClientTlsCredLength;
565} SecPkgCredentials_KdcProxySettingsA, *PSecPkgCredentials_KdcProxySettingsA;
566
567#ifdef UNICODE
568#define SecPkgCredentials_KdcProxySettings SecPkgCredentials_KdcProxySettingsW
569#define PSecPkgCredentials_KdcProxySettings PSecPkgCredentials_KdcProxySettingsW
570#else
571#define SecPkgCredentials_KdcProxySettings SecPkgCredentials_KdcProxySettingsA
572#define PSecPkgCredentials_KdcProxySettings SecPkgCredentials_KdcProxySettingsA
573#endif
574
575typedef struct
576{
577 UINT32 BindingsLength;
578 SEC_CHANNEL_BINDINGS* Bindings;
579} SecPkgContext_Bindings;
580#endif
581
582/* InitializeSecurityContext Flags */
583
584#define ISC_REQ_DELEGATE 0x00000001
585#define ISC_REQ_MUTUAL_AUTH 0x00000002
586#define ISC_REQ_REPLAY_DETECT 0x00000004
587#define ISC_REQ_SEQUENCE_DETECT 0x00000008
588#define ISC_REQ_CONFIDENTIALITY 0x00000010
589#define ISC_REQ_USE_SESSION_KEY 0x00000020
590#define ISC_REQ_PROMPT_FOR_CREDS 0x00000040
591#define ISC_REQ_USE_SUPPLIED_CREDS 0x00000080
592#define ISC_REQ_ALLOCATE_MEMORY 0x00000100
593#define ISC_REQ_USE_DCE_STYLE 0x00000200
594#define ISC_REQ_DATAGRAM 0x00000400
595#define ISC_REQ_CONNECTION 0x00000800
596#define ISC_REQ_CALL_LEVEL 0x00001000
597#define ISC_REQ_FRAGMENT_SUPPLIED 0x00002000
598#define ISC_REQ_EXTENDED_ERROR 0x00004000
599#define ISC_REQ_STREAM 0x00008000
600#define ISC_REQ_INTEGRITY 0x00010000
601#define ISC_REQ_IDENTIFY 0x00020000
602#define ISC_REQ_NULL_SESSION 0x00040000
603#define ISC_REQ_MANUAL_CRED_VALIDATION 0x00080000
604#define ISC_REQ_RESERVED1 0x00100000
605#define ISC_REQ_FRAGMENT_TO_FIT 0x00200000
606#define ISC_REQ_FORWARD_CREDENTIALS 0x00400000
607#define ISC_REQ_NO_INTEGRITY 0x00800000
608#define ISC_REQ_USE_HTTP_STYLE 0x01000000
609
610#define ISC_RET_DELEGATE 0x00000001
611#define ISC_RET_MUTUAL_AUTH 0x00000002
612#define ISC_RET_REPLAY_DETECT 0x00000004
613#define ISC_RET_SEQUENCE_DETECT 0x00000008
614#define ISC_RET_CONFIDENTIALITY 0x00000010
615#define ISC_RET_USE_SESSION_KEY 0x00000020
616#define ISC_RET_USED_COLLECTED_CREDS 0x00000040
617#define ISC_RET_USED_SUPPLIED_CREDS 0x00000080
618#define ISC_RET_ALLOCATED_MEMORY 0x00000100
619#define ISC_RET_USED_DCE_STYLE 0x00000200
620#define ISC_RET_DATAGRAM 0x00000400
621#define ISC_RET_CONNECTION 0x00000800
622#define ISC_RET_INTERMEDIATE_RETURN 0x00001000
623#define ISC_RET_CALL_LEVEL 0x00002000
624#define ISC_RET_EXTENDED_ERROR 0x00004000
625#define ISC_RET_STREAM 0x00008000
626#define ISC_RET_INTEGRITY 0x00010000
627#define ISC_RET_IDENTIFY 0x00020000
628#define ISC_RET_NULL_SESSION 0x00040000
629#define ISC_RET_MANUAL_CRED_VALIDATION 0x00080000
630#define ISC_RET_RESERVED1 0x00100000
631#define ISC_RET_FRAGMENT_ONLY 0x00200000
632#define ISC_RET_FORWARD_CREDENTIALS 0x00400000
633#define ISC_RET_USED_HTTP_STYLE 0x01000000
634
635/* AcceptSecurityContext Flags */
636
637#define ASC_REQ_DELEGATE 0x00000001
638#define ASC_REQ_MUTUAL_AUTH 0x00000002
639#define ASC_REQ_REPLAY_DETECT 0x00000004
640#define ASC_REQ_SEQUENCE_DETECT 0x00000008
641#define ASC_REQ_CONFIDENTIALITY 0x00000010
642#define ASC_REQ_USE_SESSION_KEY 0x00000020
643#define ASC_REQ_ALLOCATE_MEMORY 0x00000100
644#define ASC_REQ_USE_DCE_STYLE 0x00000200
645#define ASC_REQ_DATAGRAM 0x00000400
646#define ASC_REQ_CONNECTION 0x00000800
647#define ASC_REQ_CALL_LEVEL 0x00001000
648#define ASC_REQ_EXTENDED_ERROR 0x00008000
649#define ASC_REQ_STREAM 0x00010000
650#define ASC_REQ_INTEGRITY 0x00020000
651#define ASC_REQ_LICENSING 0x00040000
652#define ASC_REQ_IDENTIFY 0x00080000
653#define ASC_REQ_ALLOW_NULL_SESSION 0x00100000
654#define ASC_REQ_ALLOW_NON_USER_LOGONS 0x00200000
655#define ASC_REQ_ALLOW_CONTEXT_REPLAY 0x00400000
656#define ASC_REQ_FRAGMENT_TO_FIT 0x00800000
657#define ASC_REQ_FRAGMENT_SUPPLIED 0x00002000
658#define ASC_REQ_NO_TOKEN 0x01000000
659#define ASC_REQ_PROXY_BINDINGS 0x04000000
660#define ASC_REQ_ALLOW_MISSING_BINDINGS 0x10000000
661
662#define ASC_RET_DELEGATE 0x00000001
663#define ASC_RET_MUTUAL_AUTH 0x00000002
664#define ASC_RET_REPLAY_DETECT 0x00000004
665#define ASC_RET_SEQUENCE_DETECT 0x00000008
666#define ASC_RET_CONFIDENTIALITY 0x00000010
667#define ASC_RET_USE_SESSION_KEY 0x00000020
668#define ASC_RET_ALLOCATED_MEMORY 0x00000100
669#define ASC_RET_USED_DCE_STYLE 0x00000200
670#define ASC_RET_DATAGRAM 0x00000400
671#define ASC_RET_CONNECTION 0x00000800
672#define ASC_RET_CALL_LEVEL 0x00002000
673#define ASC_RET_THIRD_LEG_FAILED 0x00004000
674#define ASC_RET_EXTENDED_ERROR 0x00008000
675#define ASC_RET_STREAM 0x00010000
676#define ASC_RET_INTEGRITY 0x00020000
677#define ASC_RET_LICENSING 0x00040000
678#define ASC_RET_IDENTIFY 0x00080000
679#define ASC_RET_NULL_SESSION 0x00100000
680#define ASC_RET_ALLOW_NON_USER_LOGONS 0x00200000
681#define ASC_RET_FRAGMENT_ONLY 0x00800000
682#define ASC_RET_NO_TOKEN 0x01000000
683#define ASC_RET_NO_PROXY_BINDINGS 0x04000000
684#define ASC_RET_MISSING_BINDINGS 0x10000000
685
686#define SEC_WINNT_AUTH_IDENTITY_ANSI 0x1
687#define SEC_WINNT_AUTH_IDENTITY_UNICODE 0x2
688#define SEC_WINNT_AUTH_IDENTITY_MARSHALLED 0x4
689#define SEC_WINNT_AUTH_IDENTITY_ONLY 0x8
690#define SEC_WINNT_AUTH_IDENTITY_EXTENDED 0x100
691
692#define SEC_WINPR_AUTH_IDENTITY_PASSWORD_HASH 0x00800000
693
694#if !defined(_WIN32) || defined(_UWP) || defined(__MINGW32__)
695
696WINPR_PRAGMA_DIAG_PUSH
697WINPR_PRAGMA_DIAG_IGNORED_RESERVED_ID_MACRO
698
699#ifndef _AUTH_IDENTITY_DEFINED
700// NOLINTNEXTLINE(bugprone-reserved-identifier,cert-dcl37-c,cert-dcl51-cpp)
701#define _AUTH_IDENTITY_DEFINED
702
703typedef struct
704{
705 UINT16* User;
706 ULONG UserLength;
707 UINT16* Domain;
708 ULONG DomainLength;
709 UINT16* Password;
710 ULONG PasswordLength;
711 UINT32 Flags;
712} SEC_WINNT_AUTH_IDENTITY_W, *PSEC_WINNT_AUTH_IDENTITY_W;
713
714typedef struct
715{
716 BYTE* User;
717 ULONG UserLength;
718 BYTE* Domain;
719 ULONG DomainLength;
720 BYTE* Password;
721 ULONG PasswordLength;
722 UINT32 Flags;
723} SEC_WINNT_AUTH_IDENTITY_A, *PSEC_WINNT_AUTH_IDENTITY_A;
724
725// Always define SEC_WINNT_AUTH_IDENTITY to SEC_WINNT_AUTH_IDENTITY_W
726
727#ifdef UNICODE
728#define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W
729#define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W
730#else
731#define SEC_WINNT_AUTH_IDENTITY SEC_WINNT_AUTH_IDENTITY_W
732#define PSEC_WINNT_AUTH_IDENTITY PSEC_WINNT_AUTH_IDENTITY_W
733#endif
734
735#endif /* _AUTH_IDENTITY_DEFINED */
736
737#ifndef SEC_WINNT_AUTH_IDENTITY_VERSION
738#define SEC_WINNT_AUTH_IDENTITY_VERSION 0x200
739
740typedef struct
741{
742 UINT32 Version;
743 UINT32 Length;
744 UINT16* User;
745 UINT32 UserLength;
746 UINT16* Domain;
747 UINT32 DomainLength;
748 UINT16* Password;
749 UINT32 PasswordLength;
750 UINT32 Flags;
751 UINT16* PackageList;
752 UINT32 PackageListLength;
753} SEC_WINNT_AUTH_IDENTITY_EXW, *PSEC_WINNT_AUTH_IDENTITY_EXW;
754
755typedef struct
756{
757 UINT32 Version;
758 UINT32 Length;
759 BYTE* User;
760 UINT32 UserLength;
761 BYTE* Domain;
762 UINT32 DomainLength;
763 BYTE* Password;
764 UINT32 PasswordLength;
765 UINT32 Flags;
766 BYTE* PackageList;
767 UINT32 PackageListLength;
768} SEC_WINNT_AUTH_IDENTITY_EXA, *PSEC_WINNT_AUTH_IDENTITY_EXA;
769
770#ifdef UNICODE
771#define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXW
772#define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXW
773#else
774#define SEC_WINNT_AUTH_IDENTITY_EX SEC_WINNT_AUTH_IDENTITY_EXA
775#define PSEC_WINNT_AUTH_IDENTITY_EX PSEC_WINNT_AUTH_IDENTITY_EXA
776#endif
777
778#endif /* SEC_WINNT_AUTH_IDENTITY_VERSION */
779
780#ifndef SEC_WINNT_AUTH_IDENTITY_VERSION_2
781#define SEC_WINNT_AUTH_IDENTITY_VERSION_2 0x201
782
783typedef struct
784{
785 UINT32 Version;
786 UINT16 cbHeaderLength;
787 UINT32 cbStructureLength;
788 UINT32 UserOffset;
789 UINT16 UserLength;
790 UINT32 DomainOffset;
791 UINT16 DomainLength;
792 UINT32 PackedCredentialsOffset;
793 UINT16 PackedCredentialsLength;
794 UINT32 Flags;
795 UINT32 PackageListOffset;
796 UINT16 PackageListLength;
797} SEC_WINNT_AUTH_IDENTITY_EX2, *PSEC_WINNT_AUTH_IDENTITY_EX2;
798
799#endif /* SEC_WINNT_AUTH_IDENTITY_VERSION_2 */
800
801#ifndef _AUTH_IDENTITY_INFO_DEFINED
802// NOLINTNEXTLINE(bugprone-reserved-identifier,cert-dcl37-c,cert-dcl51-cpp)
803#define _AUTH_IDENTITY_INFO_DEFINED
804
805// https://docs.microsoft.com/en-us/windows/win32/api/sspi/ns-sspi-sec_winnt_auth_identity_info
806
815
816#define SEC_WINNT_AUTH_IDENTITY_FLAGS_PROCESS_ENCRYPTED 0x10
817#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SYSTEM_PROTECTED 0x20
818#define SEC_WINNT_AUTH_IDENTITY_FLAGS_USER_PROTECTED 0x40
819#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SYSTEM_ENCRYPTED 0x80
820#define SEC_WINNT_AUTH_IDENTITY_FLAGS_RESERVED 0x10000
821#define SEC_WINNT_AUTH_IDENTITY_FLAGS_NULL_USER 0x20000
822#define SEC_WINNT_AUTH_IDENTITY_FLAGS_NULL_DOMAIN 0x40000
823#define SEC_WINNT_AUTH_IDENTITY_FLAGS_ID_PROVIDER 0x80000
824
825#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_USE_MASK 0xFF000000
826#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_SAVE 0x80000000
827#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_CHECKED 0x40000000
828#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_NO_CHECKBOX 0x20000000
829#define SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_LOAD 0x10000000
830
831#define SEC_WINNT_AUTH_IDENTITY_FLAGS_VALID_SSPIPFC_FLAGS \
832 (SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_SAVE | \
833 SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_SAVE_CRED_CHECKED | \
834 SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_NO_CHECKBOX | \
835 SEC_WINNT_AUTH_IDENTITY_FLAGS_SSPIPFC_CREDPROV_DO_NOT_LOAD)
836
837#endif /* _AUTH_IDENTITY_INFO_DEFINED */
838
839WINPR_PRAGMA_DIAG_POP
840
841#if !defined(__MINGW32__)
842typedef struct
843{
844 ULONG_PTR dwLower;
845 ULONG_PTR dwUpper;
846} SecHandle;
847typedef SecHandle* PSecHandle;
848
849typedef SecHandle CredHandle;
850typedef CredHandle* PCredHandle;
851typedef SecHandle CtxtHandle;
852typedef CtxtHandle* PCtxtHandle;
853
854#define SecInvalidateHandle(x) \
855 ((PSecHandle)(x))->dwLower = ((PSecHandle)(x))->dwUpper = ((ULONG_PTR)((INT_PTR)-1))
856
857#define SecIsValidHandle(x) \
858 ((((PSecHandle)(x))->dwLower != ((ULONG_PTR)((INT_PTR)-1))) && \
859 (((PSecHandle)(x))->dwUpper != ((ULONG_PTR)((INT_PTR)-1))))
860
861typedef struct
862{
863 ULONG cbBuffer;
864 ULONG BufferType;
865 void* pvBuffer;
866} SecBuffer;
867typedef SecBuffer* PSecBuffer;
868
869typedef struct
870{
871 ULONG ulVersion;
872 ULONG cBuffers;
873 PSecBuffer pBuffers;
874} SecBufferDesc;
875typedef SecBufferDesc* PSecBufferDesc;
876
877#endif /* __MINGW32__ */
878
879#endif /* !defined(_WIN32) || defined(_UWP) || defined(__MINGW32__) */
880
900typedef SECURITY_STATUS (*psSspiNtlmHashCallback)(void* client,
901 const SEC_WINNT_AUTH_IDENTITY* authIdentity,
902 const SecBuffer* ntproofvalue,
903 const BYTE* randkey, const BYTE* mic,
904 const SecBuffer* micvalue, BYTE* ntlmhash);
905
906typedef struct
907{
908 char* samFile;
909 WINPR_ATTR_NODISCARD psSspiNtlmHashCallback
910 hashCallback;
911 void* hashCallbackArg;
912} SEC_WINPR_NTLM_SETTINGS;
913
914typedef struct
915{
916 char* kdcUrl;
917 char* keytab;
918 char* cache;
919 char* armorCache;
920 char* pkinitX509Anchors;
921 char* pkinitX509Identity;
922 BOOL withPac;
923 INT32 startTime;
924 INT32 renewLifeTime;
925 INT32 lifeTime;
926 BYTE certSha1[20];
927} SEC_WINPR_KERBEROS_SETTINGS;
928
929typedef struct
930{
931 SEC_WINNT_AUTH_IDENTITY_EXW identity;
932 SEC_WINPR_NTLM_SETTINGS* ntlmSettings;
933 SEC_WINPR_KERBEROS_SETTINGS* kerberosSettings;
934} SEC_WINNT_AUTH_IDENTITY_WINPR;
935
936#define SECBUFFER_VERSION 0
937
938/* Buffer Types */
939#define SECBUFFER_EMPTY 0
940#define SECBUFFER_DATA 1
941#define SECBUFFER_TOKEN 2
942#define SECBUFFER_PKG_PARAMS 3
943#define SECBUFFER_MISSING 4
944#define SECBUFFER_EXTRA 5
945#define SECBUFFER_STREAM_TRAILER 6
946#define SECBUFFER_STREAM_HEADER 7
947#define SECBUFFER_NEGOTIATION_INFO 8
948#define SECBUFFER_PADDING 9
949#define SECBUFFER_STREAM 10
950#define SECBUFFER_MECHLIST 11
951#define SECBUFFER_MECHLIST_SIGNATURE 12
952#define SECBUFFER_TARGET 13
953#define SECBUFFER_CHANNEL_BINDINGS 14
954#define SECBUFFER_CHANGE_PASS_RESPONSE 15
955#define SECBUFFER_TARGET_HOST 16
956#define SECBUFFER_ALERT 17
957
958/* Security Buffer Flags */
959#define SECBUFFER_ATTRMASK 0xF0000000
960#define SECBUFFER_READONLY 0x80000000
961#define SECBUFFER_READONLY_WITH_CHECKSUM 0x10000000
962#define SECBUFFER_RESERVED 0x60000000
963
964#if !defined(_WIN32) || defined(_UWP)
965
966typedef void(SEC_ENTRY* SEC_GET_KEY_FN)(void* Arg, void* Principal, UINT32 KeyVer, void** Key,
967 SECURITY_STATUS* pStatus);
968
969typedef SECURITY_STATUS(SEC_ENTRY* ENUMERATE_SECURITY_PACKAGES_FN_A)(ULONG* pcPackages,
970 PSecPkgInfoA* ppPackageInfo);
971typedef SECURITY_STATUS(SEC_ENTRY* ENUMERATE_SECURITY_PACKAGES_FN_W)(ULONG* pcPackages,
972 PSecPkgInfoW* ppPackageInfo);
973
974#ifdef UNICODE
975#define EnumerateSecurityPackages EnumerateSecurityPackagesW
976#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_W
977#else
978#define EnumerateSecurityPackages EnumerateSecurityPackagesA
979#define ENUMERATE_SECURITY_PACKAGES_FN ENUMERATE_SECURITY_PACKAGES_FN_A
980#endif
981
982typedef SECURITY_STATUS(SEC_ENTRY* QUERY_CREDENTIALS_ATTRIBUTES_FN_A)(PCredHandle phCredential,
983 ULONG ulAttribute,
984 void* pBuffer);
985typedef SECURITY_STATUS(SEC_ENTRY* QUERY_CREDENTIALS_ATTRIBUTES_FN_W)(PCredHandle phCredential,
986 ULONG ulAttribute,
987 void* pBuffer);
988
989#ifdef UNICODE
990#define QueryCredentialsAttributes QueryCredentialsAttributesW
991#define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_W
992#else
993#define QueryCredentialsAttributes QueryCredentialsAttributesA
994#define QUERY_CREDENTIALS_ATTRIBUTES_FN QUERY_CREDENTIALS_ATTRIBUTES_FN_A
995#endif
996
997typedef SECURITY_STATUS(SEC_ENTRY* ACQUIRE_CREDENTIALS_HANDLE_FN_A)(
998 LPSTR pszPrincipal, LPSTR pszPackage, ULONG fCredentialUse, void* pvLogonID, void* pAuthData,
999 SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential,
1000 PTimeStamp ptsExpiry);
1001typedef SECURITY_STATUS(SEC_ENTRY* ACQUIRE_CREDENTIALS_HANDLE_FN_W)(
1002 LPWSTR pszPrincipal, LPWSTR pszPackage, ULONG fCredentialUse, void* pvLogonID, void* pAuthData,
1003 SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential,
1004 PTimeStamp ptsExpiry);
1005
1006#ifdef UNICODE
1007#define AcquireCredentialsHandle AcquireCredentialsHandleW
1008#define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_W
1009#else
1010#define AcquireCredentialsHandle AcquireCredentialsHandleA
1011#define ACQUIRE_CREDENTIALS_HANDLE_FN ACQUIRE_CREDENTIALS_HANDLE_FN_A
1012#endif
1013
1014typedef SECURITY_STATUS(SEC_ENTRY* FREE_CREDENTIALS_HANDLE_FN)(PCredHandle phCredential);
1015
1016typedef SECURITY_STATUS(SEC_ENTRY* INITIALIZE_SECURITY_CONTEXT_FN_A)(
1017 PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR* pszTargetName, ULONG fContextReq,
1018 ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2,
1019 PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry);
1020typedef SECURITY_STATUS(SEC_ENTRY* INITIALIZE_SECURITY_CONTEXT_FN_W)(
1021 PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR* pszTargetName, ULONG fContextReq,
1022 ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2,
1023 PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsExpiry);
1024
1025#ifdef UNICODE
1026#define InitializeSecurityContext InitializeSecurityContextW
1027#define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_W
1028#else
1029#define InitializeSecurityContext InitializeSecurityContextA
1030#define INITIALIZE_SECURITY_CONTEXT_FN INITIALIZE_SECURITY_CONTEXT_FN_A
1031#endif
1032
1033typedef SECURITY_STATUS(SEC_ENTRY* ACCEPT_SECURITY_CONTEXT_FN)(
1034 PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput, ULONG fContextReq,
1035 ULONG TargetDataRep, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr,
1036 PTimeStamp ptsTimeStamp);
1037
1038typedef SECURITY_STATUS(SEC_ENTRY* COMPLETE_AUTH_TOKEN_FN)(PCtxtHandle phContext,
1039 PSecBufferDesc pToken);
1040
1041typedef SECURITY_STATUS(SEC_ENTRY* DELETE_SECURITY_CONTEXT_FN)(PCtxtHandle phContext);
1042
1043typedef SECURITY_STATUS(SEC_ENTRY* APPLY_CONTROL_TOKEN_FN)(PCtxtHandle phContext,
1044 PSecBufferDesc pInput);
1045
1046typedef SECURITY_STATUS(SEC_ENTRY* QUERY_CONTEXT_ATTRIBUTES_FN_A)(PCtxtHandle phContext,
1047 ULONG ulAttribute, void* pBuffer);
1048typedef SECURITY_STATUS(SEC_ENTRY* QUERY_CONTEXT_ATTRIBUTES_FN_W)(PCtxtHandle phContext,
1049 ULONG ulAttribute, void* pBuffer);
1050
1051#ifdef UNICODE
1052#define QueryContextAttributes QueryContextAttributesW
1053#define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_W
1054#else
1055#define QueryContextAttributes QueryContextAttributesA
1056#define QUERY_CONTEXT_ATTRIBUTES_FN QUERY_CONTEXT_ATTRIBUTES_FN_A
1057#endif
1058
1059typedef SECURITY_STATUS(SEC_ENTRY* IMPERSONATE_SECURITY_CONTEXT_FN)(PCtxtHandle phContext);
1060
1061typedef SECURITY_STATUS(SEC_ENTRY* REVERT_SECURITY_CONTEXT_FN)(PCtxtHandle phContext);
1062
1063typedef SECURITY_STATUS(SEC_ENTRY* MAKE_SIGNATURE_FN)(PCtxtHandle phContext, ULONG fQOP,
1064 PSecBufferDesc pMessage, ULONG MessageSeqNo);
1065
1066typedef SECURITY_STATUS(SEC_ENTRY* VERIFY_SIGNATURE_FN)(PCtxtHandle phContext,
1067 PSecBufferDesc pMessage, ULONG MessageSeqNo,
1068 PULONG pfQOP);
1069
1070typedef SECURITY_STATUS(SEC_ENTRY* FREE_CONTEXT_BUFFER_FN)(void* pvContextBuffer);
1071
1072typedef SECURITY_STATUS(SEC_ENTRY* QUERY_SECURITY_PACKAGE_INFO_FN_A)(SEC_CHAR* pszPackageName,
1073 PSecPkgInfoA* ppPackageInfo);
1074typedef SECURITY_STATUS(SEC_ENTRY* QUERY_SECURITY_PACKAGE_INFO_FN_W)(SEC_WCHAR* pszPackageName,
1075 PSecPkgInfoW* ppPackageInfo);
1076
1077#ifdef UNICODE
1078#define QuerySecurityPackageInfo QuerySecurityPackageInfoW
1079#define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_W
1080#else
1081#define QuerySecurityPackageInfo QuerySecurityPackageInfoA
1082#define QUERY_SECURITY_PACKAGE_INFO_FN QUERY_SECURITY_PACKAGE_INFO_FN_A
1083#endif
1084
1085typedef SECURITY_STATUS(SEC_ENTRY* EXPORT_SECURITY_CONTEXT_FN)(PCtxtHandle phContext, ULONG fFlags,
1086 PSecBuffer pPackedContext,
1087 HANDLE* pToken);
1088
1089typedef SECURITY_STATUS(SEC_ENTRY* IMPORT_SECURITY_CONTEXT_FN_A)(SEC_CHAR* pszPackage,
1090 PSecBuffer pPackedContext,
1091 HANDLE pToken,
1092 PCtxtHandle phContext);
1093typedef SECURITY_STATUS(SEC_ENTRY* IMPORT_SECURITY_CONTEXT_FN_W)(SEC_WCHAR* pszPackage,
1094 PSecBuffer pPackedContext,
1095 HANDLE pToken,
1096 PCtxtHandle phContext);
1097
1098#ifdef UNICODE
1099#define ImportSecurityContext ImportSecurityContextW
1100#define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_W
1101#else
1102#define ImportSecurityContext ImportSecurityContextA
1103#define IMPORT_SECURITY_CONTEXT_FN IMPORT_SECURITY_CONTEXT_FN_A
1104#endif
1105
1106typedef SECURITY_STATUS(SEC_ENTRY* ADD_CREDENTIALS_FN_A)(
1107 PCredHandle hCredentials, SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage, UINT32 fCredentialUse,
1108 void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PTimeStamp ptsExpiry);
1109typedef SECURITY_STATUS(SEC_ENTRY* ADD_CREDENTIALS_FN_W)(
1110 PCredHandle hCredentials, SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage, UINT32 fCredentialUse,
1111 void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PTimeStamp ptsExpiry);
1112
1113#ifdef UNICODE
1114#define AddCredentials AddCredentialsW
1115#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_W
1116#else
1117#define AddCredentials AddCredentialsA
1118#define ADD_CREDENTIALS_FN ADD_CREDENTIALS_FN_A
1119#endif
1120
1121typedef SECURITY_STATUS(SEC_ENTRY* QUERY_SECURITY_CONTEXT_TOKEN_FN)(PCtxtHandle phContext,
1122 HANDLE* phToken);
1123
1124typedef SECURITY_STATUS(SEC_ENTRY* ENCRYPT_MESSAGE_FN)(PCtxtHandle phContext, ULONG fQOP,
1125 PSecBufferDesc pMessage, ULONG MessageSeqNo);
1126
1127typedef SECURITY_STATUS(SEC_ENTRY* DECRYPT_MESSAGE_FN)(PCtxtHandle phContext,
1128 PSecBufferDesc pMessage, ULONG MessageSeqNo,
1129 PULONG pfQOP);
1130
1131typedef SECURITY_STATUS(SEC_ENTRY* SET_CONTEXT_ATTRIBUTES_FN_A)(PCtxtHandle phContext,
1132 ULONG ulAttribute, void* pBuffer,
1133 ULONG cbBuffer);
1134typedef SECURITY_STATUS(SEC_ENTRY* SET_CONTEXT_ATTRIBUTES_FN_W)(PCtxtHandle phContext,
1135 ULONG ulAttribute, void* pBuffer,
1136 ULONG cbBuffer);
1137
1138#ifdef UNICODE
1139#define SetContextAttributes SetContextAttributesW
1140#define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_W
1141#else
1142#define SetContextAttributes SetContextAttributesA
1143#define SET_CONTEXT_ATTRIBUTES_FN SET_CONTEXT_ATTRIBUTES_FN_A
1144#endif
1145
1146typedef SECURITY_STATUS(SEC_ENTRY* SET_CREDENTIALS_ATTRIBUTES_FN_A)(PCredHandle phCredential,
1147 ULONG ulAttribute,
1148 void* pBuffer, ULONG cbBuffer);
1149
1150typedef SECURITY_STATUS(SEC_ENTRY* SET_CREDENTIALS_ATTRIBUTES_FN_W)(PCredHandle phCredential,
1151 ULONG ulAttribute,
1152 void* pBuffer, ULONG cbBuffer);
1153
1154#ifdef UNICODE
1155#define SetCredentialsAttributes SetCredentialsAttributesW
1156#define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_W
1157#else
1158#define SetCredentialsAttributes SetCredentialsAttributesA
1159#define SET_CREDENTIALS_ATTRIBUTES_FN SET_CREDENTIALS_ATTRIBUTES_FN_A
1160#endif
1161
1162#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION \
1163 1 /* Interface has all routines through DecryptMessage */
1164#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_2 \
1165 2 /* Interface has all routines through SetContextAttributes */
1166#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_3 \
1167 3 /* Interface has all routines through SetCredentialsAttributes */
1168#define SECURITY_SUPPORT_PROVIDER_INTERFACE_VERSION_4 \
1169 4 /* Interface has all routines through ChangeAccountPassword */
1170
1171typedef struct
1172{
1173 UINT32 dwVersion;
1174 WINPR_ATTR_NODISCARD ENUMERATE_SECURITY_PACKAGES_FN_A EnumerateSecurityPackagesA;
1175 WINPR_ATTR_NODISCARD QUERY_CREDENTIALS_ATTRIBUTES_FN_A QueryCredentialsAttributesA;
1176 WINPR_ATTR_NODISCARD ACQUIRE_CREDENTIALS_HANDLE_FN_A AcquireCredentialsHandleA;
1177 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
1178 void* Reserved2;
1179 WINPR_ATTR_NODISCARD INITIALIZE_SECURITY_CONTEXT_FN_A InitializeSecurityContextA;
1180 WINPR_ATTR_NODISCARD ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
1181 WINPR_ATTR_NODISCARD COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
1182 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
1183 WINPR_ATTR_NODISCARD APPLY_CONTROL_TOKEN_FN ApplyControlToken;
1184 WINPR_ATTR_NODISCARD QUERY_CONTEXT_ATTRIBUTES_FN_A QueryContextAttributesA;
1185 WINPR_ATTR_NODISCARD IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
1186 WINPR_ATTR_NODISCARD REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
1187 WINPR_ATTR_NODISCARD MAKE_SIGNATURE_FN MakeSignature;
1188 WINPR_ATTR_NODISCARD VERIFY_SIGNATURE_FN VerifySignature;
1189 FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
1190 WINPR_ATTR_NODISCARD QUERY_SECURITY_PACKAGE_INFO_FN_A QuerySecurityPackageInfoA;
1191 void* Reserved3;
1192 void* Reserved4;
1193 WINPR_ATTR_NODISCARD EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
1194 WINPR_ATTR_NODISCARD IMPORT_SECURITY_CONTEXT_FN_A ImportSecurityContextA;
1195 WINPR_ATTR_NODISCARD ADD_CREDENTIALS_FN_A AddCredentialsA;
1196 void* Reserved8;
1197 WINPR_ATTR_NODISCARD QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
1198 WINPR_ATTR_NODISCARD ENCRYPT_MESSAGE_FN EncryptMessage;
1199 WINPR_ATTR_NODISCARD DECRYPT_MESSAGE_FN DecryptMessage;
1200 WINPR_ATTR_NODISCARD SET_CONTEXT_ATTRIBUTES_FN_A SetContextAttributesA;
1201 WINPR_ATTR_NODISCARD SET_CREDENTIALS_ATTRIBUTES_FN_A SetCredentialsAttributesA;
1202} SecurityFunctionTableA;
1203typedef SecurityFunctionTableA* PSecurityFunctionTableA;
1204
1205typedef struct
1206{
1207 UINT32 dwVersion;
1208 WINPR_ATTR_NODISCARD ENUMERATE_SECURITY_PACKAGES_FN_W EnumerateSecurityPackagesW;
1209 WINPR_ATTR_NODISCARD QUERY_CREDENTIALS_ATTRIBUTES_FN_W QueryCredentialsAttributesW;
1210 WINPR_ATTR_NODISCARD ACQUIRE_CREDENTIALS_HANDLE_FN_W AcquireCredentialsHandleW;
1211 FREE_CREDENTIALS_HANDLE_FN FreeCredentialsHandle;
1212 void* Reserved2;
1213 WINPR_ATTR_NODISCARD INITIALIZE_SECURITY_CONTEXT_FN_W InitializeSecurityContextW;
1214 WINPR_ATTR_NODISCARD ACCEPT_SECURITY_CONTEXT_FN AcceptSecurityContext;
1215 WINPR_ATTR_NODISCARD COMPLETE_AUTH_TOKEN_FN CompleteAuthToken;
1216 DELETE_SECURITY_CONTEXT_FN DeleteSecurityContext;
1217 WINPR_ATTR_NODISCARD APPLY_CONTROL_TOKEN_FN ApplyControlToken;
1218 WINPR_ATTR_NODISCARD QUERY_CONTEXT_ATTRIBUTES_FN_W QueryContextAttributesW;
1219 WINPR_ATTR_NODISCARD IMPERSONATE_SECURITY_CONTEXT_FN ImpersonateSecurityContext;
1220 WINPR_ATTR_NODISCARD REVERT_SECURITY_CONTEXT_FN RevertSecurityContext;
1221 WINPR_ATTR_NODISCARD MAKE_SIGNATURE_FN MakeSignature;
1222 WINPR_ATTR_NODISCARD VERIFY_SIGNATURE_FN VerifySignature;
1223 FREE_CONTEXT_BUFFER_FN FreeContextBuffer;
1224 WINPR_ATTR_NODISCARD QUERY_SECURITY_PACKAGE_INFO_FN_W QuerySecurityPackageInfoW;
1225 void* Reserved3;
1226 void* Reserved4;
1227 WINPR_ATTR_NODISCARD EXPORT_SECURITY_CONTEXT_FN ExportSecurityContext;
1228 WINPR_ATTR_NODISCARD IMPORT_SECURITY_CONTEXT_FN_W ImportSecurityContextW;
1229 WINPR_ATTR_NODISCARD ADD_CREDENTIALS_FN_W AddCredentialsW;
1230 void* Reserved8;
1231 WINPR_ATTR_NODISCARD QUERY_SECURITY_CONTEXT_TOKEN_FN QuerySecurityContextToken;
1232 WINPR_ATTR_NODISCARD ENCRYPT_MESSAGE_FN EncryptMessage;
1233 WINPR_ATTR_NODISCARD DECRYPT_MESSAGE_FN DecryptMessage;
1234 WINPR_ATTR_NODISCARD SET_CONTEXT_ATTRIBUTES_FN_W SetContextAttributesW;
1235 WINPR_ATTR_NODISCARD SET_CREDENTIALS_ATTRIBUTES_FN_W SetCredentialsAttributesW;
1236} SecurityFunctionTableW;
1237typedef SecurityFunctionTableW* PSecurityFunctionTableW;
1238
1239typedef PSecurityFunctionTableA(SEC_ENTRY* INIT_SECURITY_INTERFACE_A)(void);
1240typedef PSecurityFunctionTableW(SEC_ENTRY* INIT_SECURITY_INTERFACE_W)(void);
1241
1242#ifdef UNICODE
1243#define InitSecurityInterface InitSecurityInterfaceW
1244#define SecurityFunctionTable SecurityFunctionTableW
1245#define PSecurityFunctionTable PSecurityFunctionTableW
1246#define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_W
1247#else
1248#define InitSecurityInterface InitSecurityInterfaceA
1249#define SecurityFunctionTable SecurityFunctionTableA
1250#define PSecurityFunctionTable PSecurityFunctionTableA
1251#define INIT_SECURITY_INTERFACE INIT_SECURITY_INTERFACE_A
1252#endif
1253
1254#ifdef __cplusplus
1255extern "C"
1256{
1257#endif
1258
1259#ifdef SSPI_DLL
1260
1261 /* Package Management */
1262
1263 WINPR_ATTR_NODISCARD
1264 WINPR_API SECURITY_STATUS SEC_ENTRY EnumerateSecurityPackagesA(ULONG* pcPackages,
1265 PSecPkgInfoA* ppPackageInfo);
1266
1267 WINPR_ATTR_NODISCARD
1268 WINPR_API SECURITY_STATUS SEC_ENTRY EnumerateSecurityPackagesW(ULONG* pcPackages,
1269 PSecPkgInfoW* ppPackageInfo);
1270
1271 WINPR_ATTR_NODISCARD
1272 WINPR_API PSecurityFunctionTableA SEC_ENTRY InitSecurityInterfaceA(void);
1273
1274 WINPR_ATTR_NODISCARD
1275 WINPR_API PSecurityFunctionTableW SEC_ENTRY InitSecurityInterfaceW(void);
1276
1277 WINPR_ATTR_NODISCARD
1278 WINPR_API SECURITY_STATUS SEC_ENTRY QuerySecurityPackageInfoA(SEC_CHAR* pszPackageName,
1279 PSecPkgInfoA* ppPackageInfo);
1280
1281 WINPR_ATTR_NODISCARD
1282 WINPR_API SECURITY_STATUS SEC_ENTRY QuerySecurityPackageInfoW(SEC_WCHAR* pszPackageName,
1283 PSecPkgInfoW* ppPackageInfo);
1284
1285 /* Credential Management */
1286
1287 WINPR_ATTR_NODISCARD
1288 WINPR_API SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleA(
1289 SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage, ULONG fCredentialUse, void* pvLogonID,
1290 void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential,
1291 PTimeStamp ptsExpiry);
1292
1293 WINPR_ATTR_NODISCARD
1294 WINPR_API SECURITY_STATUS SEC_ENTRY AcquireCredentialsHandleW(
1295 SEC_WCHAR* pszPrincipal, SEC_WCHAR* pszPackage, ULONG fCredentialUse, void* pvLogonID,
1296 void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential,
1297 PTimeStamp ptsExpiry);
1298
1299 WINPR_ATTR_NODISCARD
1300 WINPR_API SECURITY_STATUS SEC_ENTRY ExportSecurityContext(PCtxtHandle phContext, ULONG fFlags,
1301 PSecBuffer pPackedContext,
1302 HANDLE* pToken);
1303
1304 WINPR_ATTR_NODISCARD
1305 WINPR_API SECURITY_STATUS SEC_ENTRY FreeCredentialsHandle(PCredHandle phCredential);
1306
1307 WINPR_ATTR_NODISCARD
1308 WINPR_API SECURITY_STATUS SEC_ENTRY ImportSecurityContextA(SEC_CHAR* pszPackage,
1309 PSecBuffer pPackedContext,
1310 HANDLE pToken,
1311 PCtxtHandle phContext);
1312
1313 WINPR_ATTR_NODISCARD
1314 WINPR_API SECURITY_STATUS SEC_ENTRY ImportSecurityContextW(SEC_WCHAR* pszPackage,
1315 PSecBuffer pPackedContext,
1316 HANDLE pToken,
1317 PCtxtHandle phContext);
1318
1319 WINPR_ATTR_NODISCARD
1320 WINPR_API SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesA(PCredHandle phCredential,
1321 ULONG ulAttribute,
1322 void* pBuffer);
1323
1324 WINPR_ATTR_NODISCARD
1325 WINPR_API SECURITY_STATUS SEC_ENTRY QueryCredentialsAttributesW(PCredHandle phCredential,
1326 ULONG ulAttribute,
1327 void* pBuffer);
1328
1329 /* Context Management */
1330
1331 WINPR_ATTR_NODISCARD
1332 WINPR_API SECURITY_STATUS SEC_ENTRY
1333 AcceptSecurityContext(PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput,
1334 ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext,
1335 PSecBufferDesc pOutput, PULONG pfContextAttr, PTimeStamp ptsTimeStamp);
1336
1337 WINPR_ATTR_NODISCARD
1338 WINPR_API SECURITY_STATUS SEC_ENTRY ApplyControlToken(PCtxtHandle phContext,
1339 PSecBufferDesc pInput);
1340
1341 WINPR_ATTR_NODISCARD
1342 WINPR_API SECURITY_STATUS SEC_ENTRY CompleteAuthToken(PCtxtHandle phContext,
1343 PSecBufferDesc pToken);
1344
1345 WINPR_ATTR_NODISCARD
1346 WINPR_API SECURITY_STATUS SEC_ENTRY DeleteSecurityContext(PCtxtHandle phContext);
1347
1348 WINPR_ATTR_NODISCARD
1349 WINPR_API SECURITY_STATUS SEC_ENTRY FreeContextBuffer(void* pvContextBuffer);
1350
1351 WINPR_ATTR_NODISCARD
1352 WINPR_API SECURITY_STATUS SEC_ENTRY ImpersonateSecurityContext(PCtxtHandle phContext);
1353
1354 WINPR_ATTR_NODISCARD
1355 WINPR_API SECURITY_STATUS SEC_ENTRY InitializeSecurityContextA(
1356 PCredHandle phCredential, PCtxtHandle phContext, SEC_CHAR* pszTargetName, ULONG fContextReq,
1357 ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput, ULONG Reserved2,
1358 PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr,
1359 PTimeStamp ptsExpiry);
1360
1361 WINPR_ATTR_NODISCARD
1362 WINPR_API SECURITY_STATUS SEC_ENTRY InitializeSecurityContextW(
1363 PCredHandle phCredential, PCtxtHandle phContext, SEC_WCHAR* pszTargetName,
1364 ULONG fContextReq, ULONG Reserved1, ULONG TargetDataRep, PSecBufferDesc pInput,
1365 ULONG Reserved2, PCtxtHandle phNewContext, PSecBufferDesc pOutput, PULONG pfContextAttr,
1366 PTimeStamp ptsExpiry);
1367
1368 WINPR_ATTR_NODISCARD
1369 WINPR_API SECURITY_STATUS SEC_ENTRY QueryContextAttributes(PCtxtHandle phContext,
1370 ULONG ulAttribute, void* pBuffer);
1371
1372 WINPR_ATTR_NODISCARD
1373 WINPR_API SECURITY_STATUS SEC_ENTRY QuerySecurityContextToken(PCtxtHandle phContext,
1374 HANDLE* phToken);
1375
1376 WINPR_ATTR_NODISCARD
1377 WINPR_API SECURITY_STATUS SEC_ENTRY SetContextAttributes(PCtxtHandle phContext,
1378 ULONG ulAttribute, void* pBuffer,
1379 ULONG cbBuffer);
1380
1381 WINPR_ATTR_NODISCARD
1382 WINPR_API SECURITY_STATUS SEC_ENTRY RevertSecurityContext(PCtxtHandle phContext);
1383
1384 /* Message Support */
1385
1386 WINPR_ATTR_NODISCARD
1387 WINPR_API SECURITY_STATUS SEC_ENTRY DecryptMessage(PCtxtHandle phContext,
1388 PSecBufferDesc pMessage, ULONG MessageSeqNo,
1389 PULONG pfQOP);
1390
1391 WINPR_ATTR_NODISCARD
1392 WINPR_API SECURITY_STATUS SEC_ENTRY EncryptMessage(PCtxtHandle phContext, ULONG fQOP,
1393 PSecBufferDesc pMessage, ULONG MessageSeqNo);
1394
1395 WINPR_ATTR_NODISCARD
1396 WINPR_API SECURITY_STATUS SEC_ENTRY MakeSignature(PCtxtHandle phContext, ULONG fQOP,
1397 PSecBufferDesc pMessage, ULONG MessageSeqNo);
1398
1399 WINPR_ATTR_NODISCARD
1400 WINPR_API SECURITY_STATUS SEC_ENTRY VerifySignature(PCtxtHandle phContext,
1401 PSecBufferDesc pMessage, ULONG MessageSeqNo,
1402 PULONG pfQOP);
1403
1404#endif /* SSPI_DLL */
1405
1406#ifdef __cplusplus
1407}
1408#endif
1409
1410#endif
1411
1412#ifdef __cplusplus
1413extern "C"
1414{
1415#endif
1416
1417 /* Custom API */
1418
1419/* Extended SECPKG_ATTR IDs begin at 1000 */
1420#define SECPKG_ATTR_AUTH_IDENTITY 1001
1421#define SECPKG_ATTR_AUTH_PASSWORD 1002
1422#define SECPKG_ATTR_AUTH_NTLM_HASH 1003
1423#define SECPKG_ATTR_AUTH_NTLM_MESSAGE 1100
1424#define SECPKG_ATTR_AUTH_NTLM_TIMESTAMP 1101
1425#define SECPKG_ATTR_AUTH_NTLM_CLIENT_CHALLENGE 1102
1426#define SECPKG_ATTR_AUTH_NTLM_SERVER_CHALLENGE 1103
1427#define SECPKG_ATTR_AUTH_NTLM_NTPROOF_VALUE 1104
1428#define SECPKG_ATTR_AUTH_NTLM_RANDKEY 1105
1429#define SECPKG_ATTR_AUTH_NTLM_MIC 1106
1430#define SECPKG_ATTR_AUTH_NTLM_MIC_VALUE 1107
1431
1432#define SECPKG_CRED_ATTR_TICKET_LOGON 1200
1433
1434 typedef struct
1435 {
1436 char User[256 + 1];
1437 char Domain[256 + 1];
1438 } SecPkgContext_AuthIdentity;
1439
1440 typedef struct
1441 {
1442 char Password[256 + 1];
1443 } SecPkgContext_AuthPassword;
1444
1445 typedef struct
1446 {
1447 int Version;
1448 BYTE NtlmHash[16];
1449 } SecPkgContext_AuthNtlmHash;
1450
1451 typedef struct
1452 {
1453 BYTE Timestamp[8];
1454 BOOL ChallengeOrResponse;
1455 } SecPkgContext_AuthNtlmTimestamp;
1456
1457 typedef struct
1458 {
1459 BYTE ClientChallenge[8];
1460 } SecPkgContext_AuthNtlmClientChallenge;
1461
1462 typedef struct
1463 {
1464 BYTE ServerChallenge[8];
1465 } SecPkgContext_AuthNtlmServerChallenge;
1466
1467 typedef struct
1468 {
1469 UINT32 type;
1470 UINT32 length;
1471 BYTE* buffer;
1472 } SecPkgContext_AuthNtlmMessage;
1473
1474#define SSPI_INTERFACE_WINPR 0x00000001
1475#define SSPI_INTERFACE_NATIVE 0x00000002
1476
1477 typedef PSecurityFunctionTableA(SEC_ENTRY* INIT_SECURITY_INTERFACE_EX_A)(DWORD flags);
1478 typedef PSecurityFunctionTableW(SEC_ENTRY* INIT_SECURITY_INTERFACE_EX_W)(DWORD flags);
1479
1480 WINPR_API void sspi_GlobalInit(void);
1481 WINPR_API void sspi_GlobalFinish(void);
1482
1483 WINPR_ATTR_NODISCARD
1484 WINPR_API void* sspi_SecBufferAlloc(PSecBuffer SecBuffer, ULONG size);
1485 WINPR_API void sspi_SecBufferFree(PSecBuffer SecBuffer);
1486
1487#define sspi_SetAuthIdentity sspi_SetAuthIdentityA
1488 WINPR_ATTR_NODISCARD
1489 WINPR_API int sspi_SetAuthIdentityA(SEC_WINNT_AUTH_IDENTITY* identity, const char* user,
1490 const char* domain, const char* password);
1491
1492 WINPR_ATTR_NODISCARD
1493 WINPR_API int sspi_SetAuthIdentityW(SEC_WINNT_AUTH_IDENTITY* identity, const WCHAR* user,
1494 const WCHAR* domain, const WCHAR* password);
1495
1496 WINPR_ATTR_NODISCARD
1497 WINPR_API int sspi_SetAuthIdentityWithLengthW(SEC_WINNT_AUTH_IDENTITY* identity,
1498 const WCHAR* user, size_t userLen,
1499 const WCHAR* domain, size_t domainLen,
1500 const WCHAR* password, size_t passwordLen);
1501
1502 WINPR_ATTR_NODISCARD
1503 WINPR_API UINT32 sspi_GetAuthIdentityVersion(const void* identity);
1504
1505 WINPR_ATTR_NODISCARD
1506 WINPR_API UINT32 sspi_GetAuthIdentityFlags(const void* identity);
1507
1508 WINPR_ATTR_NODISCARD
1509 WINPR_API BOOL sspi_GetAuthIdentityUserDomainW(const void* identity, const WCHAR** pUser,
1510 UINT32* pUserLength, const WCHAR** pDomain,
1511 UINT32* pDomainLength);
1512
1513 WINPR_ATTR_NODISCARD
1514 WINPR_API BOOL sspi_GetAuthIdentityUserDomainA(const void* identity, const char** pUser,
1515 UINT32* pUserLength, const char** pDomain,
1516 UINT32* pDomainLength);
1517
1518 WINPR_ATTR_NODISCARD
1519 WINPR_API BOOL sspi_GetAuthIdentityPasswordW(const void* identity, const WCHAR** pPassword,
1520 UINT32* pPasswordLength);
1521
1522 WINPR_ATTR_NODISCARD
1523 WINPR_API BOOL sspi_GetAuthIdentityPasswordA(const void* identity, const char** pPassword,
1524 UINT32* pPasswordLength);
1525
1526 WINPR_ATTR_NODISCARD
1527 WINPR_API BOOL sspi_CopyAuthIdentityFieldsA(const SEC_WINNT_AUTH_IDENTITY_INFO* identity,
1528 char** pUser, char** pDomain, char** pPassword);
1529
1530 WINPR_ATTR_NODISCARD
1531 WINPR_API BOOL sspi_CopyAuthIdentityFieldsW(const SEC_WINNT_AUTH_IDENTITY_INFO* identity,
1532 WCHAR** pUser, WCHAR** pDomain, WCHAR** pPassword);
1533
1534 WINPR_ATTR_NODISCARD
1535 WINPR_API BOOL sspi_CopyAuthPackageListA(const SEC_WINNT_AUTH_IDENTITY_INFO* identity,
1536 char** pPackageList);
1537
1538 WINPR_ATTR_NODISCARD
1539 WINPR_API int sspi_CopyAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity,
1540 const SEC_WINNT_AUTH_IDENTITY_INFO* srcIdentity);
1541
1542 WINPR_API void sspi_FreeAuthIdentity(SEC_WINNT_AUTH_IDENTITY* identity);
1543
1544 WINPR_ATTR_NODISCARD
1545 WINPR_API const char* GetSecurityStatusString(SECURITY_STATUS status);
1546
1547 WINPR_ATTR_NODISCARD
1548 WINPR_API SecurityFunctionTableW* SEC_ENTRY InitSecurityInterfaceExW(DWORD flags);
1549
1550 WINPR_ATTR_NODISCARD
1551 WINPR_API SecurityFunctionTableA* SEC_ENTRY InitSecurityInterfaceExA(DWORD flags);
1552
1553#ifdef UNICODE
1554#define InitSecurityInterfaceEx InitSecurityInterfaceExW
1555#define INIT_SECURITY_INTERFACE_EX INIT_SECURITY_INTERFACE_EX_W
1556#else
1557#define InitSecurityInterfaceEx InitSecurityInterfaceExA
1558#define INIT_SECURITY_INTERFACE_EX INIT_SECURITY_INTERFACE_EX_A
1559#endif
1560
1561#ifdef __cplusplus
1562}
1563#endif
1564
1565#endif /* WINPR_SSPI_H */
SECURITY_INTEGER
Definition include/winpr/sspi.h:51
SEC_CHANNEL_BINDINGS
Definition include/winpr/sspi.h:349
SEC_WINNT_AUTH_IDENTITY_A
Definition include/winpr/sspi.h:715
SEC_WINNT_AUTH_IDENTITY_EX2
Definition include/winpr/sspi.h:784
SEC_WINNT_AUTH_IDENTITY_EXA
Definition include/winpr/sspi.h:756
SEC_WINNT_AUTH_IDENTITY_EXW
Definition include/winpr/sspi.h:741
SEC_WINNT_AUTH_IDENTITY_WINPR
Definition include/winpr/sspi.h:930
SEC_WINNT_AUTH_IDENTITY_W
Definition include/winpr/sspi.h:704
SEC_WINPR_KERBEROS_SETTINGS
Definition include/winpr/sspi.h:915
SEC_WINPR_NTLM_SETTINGS
Definition include/winpr/sspi.h:907
SEC_WINPR_NTLM_SETTINGS::hashCallbackArg
void * hashCallbackArg
Definition include/winpr/sspi.h:911
SEC_WINPR_NTLM_SETTINGS::hashCallback
WINPR_ATTR_NODISCARD psSspiNtlmHashCallback hashCallback
Definition include/winpr/sspi.h:910
SEC_WINPR_NTLM_SETTINGS::samFile
char * samFile
Definition include/winpr/sspi.h:908
SecPkgContex_DceInfo
Definition include/winpr/sspi.h:343
SecPkgContext_AccessToken
Definition include/winpr/sspi.h:302
SecPkgContext_AuthIdentity
Definition include/winpr/sspi.h:1435
SecPkgContext_AuthNtlmClientChallenge
Definition include/winpr/sspi.h:1458
SecPkgContext_AuthNtlmHash
Definition include/winpr/sspi.h:1446
SecPkgContext_AuthNtlmMessage
Definition include/winpr/sspi.h:1468
SecPkgContext_AuthNtlmServerChallenge
Definition include/winpr/sspi.h:1463
SecPkgContext_AuthNtlmTimestamp
Definition include/winpr/sspi.h:1452
SecPkgContext_AuthPassword
Definition include/winpr/sspi.h:1441
SecPkgContext_Authority
Definition include/winpr/sspi.h:314
SecPkgContext_Bindings
Definition include/winpr/sspi.h:576
SecPkgContext_ClientCreds
Definition include/winpr/sspi.h:337
SecPkgContext_ClientSpecifiedTarget
Definition include/winpr/sspi.h:319
SecPkgContext_ConnectionInfo
Definition include/winpr/sspi.h:326
SecPkgContext_EapKeyBlock
Definition include/winpr/sspi.h:361
SecPkgContext_Flags
Definition include/winpr/sspi.h:367
SecPkgContext_KeyInfo
Definition include/winpr/sspi.h:372
SecPkgContext_Lifespan
Definition include/winpr/sspi.h:381
SecPkgContext_Names
Definition include/winpr/sspi.h:387
SecPkgContext_NativeNames
Definition include/winpr/sspi.h:392
SecPkgContext_NegotiationInfoA
Definition include/winpr/sspi.h:398
SecPkgContext_NegotiationInfoW
Definition include/winpr/sspi.h:404
SecPkgContext_PackageInfoA
Definition include/winpr/sspi.h:416
SecPkgContext_PackageInfoW
Definition include/winpr/sspi.h:421
SecPkgContext_PasswordExpiry
Definition include/winpr/sspi.h:432
SecPkgContext_SessionAppData
Definition include/winpr/sspi.h:307
SecPkgContext_SessionInfo
Definition include/winpr/sspi.h:443
SecPkgContext_SessionKey
Definition include/winpr/sspi.h:437
SecPkgContext_Sizes
Definition include/winpr/sspi.h:450
SecPkgContext_StreamSizes
Definition include/winpr/sspi.h:458
SecPkgContext_SubjectAttributes
Definition include/winpr/sspi.h:467
SecPkgContext_SupportedSignatures
Definition include/winpr/sspi.h:472
SecPkgContext_TargetInformation
Definition include/winpr/sspi.h:478
SecPkgCredentials_Cert
Definition include/winpr/sspi.h:533
SecPkgCredentials_KdcProxySettingsA
Definition include/winpr/sspi.h:558
SecPkgCredentials_KdcProxySettingsW
Definition include/winpr/sspi.h:548
SecPkgCredentials_NamesA
Definition include/winpr/sspi.h:491
SecPkgCredentials_NamesW
Definition include/winpr/sspi.h:497
SecPkgCredentials_SSIProviderA
Definition include/winpr/sspi.h:518
SecPkgCredentials_SSIProviderW
Definition include/winpr/sspi.h:511
SEC_WINNT_AUTH_IDENTITY_INFO
Definition include/winpr/sspi.h:808